﻿@{
    //SiteSecurity.RequireAuthenticatedUser();
    Layout = "~/Admin/_AdminSiteLayout.cshtml";
    if (SiteSecurity.CurrentUserName != "admin")
    {
        Response.Redirect("~/Account/Login");
    }
    Page.Title = "Manage Roles";

    var roleName = "";

    string[] userNames = new string[1];
    string[] roleNames = new string[1];

    var db = DBObject.Open();
    var selectQueryString = "SELECT UserId, Email FROM UserProfile";

    if (IsPost)
    {

        // Create new role
        if (!Request["buttonCreateRole"].IsEmpty())
        {
            roleName = Request["textRoleName"];
            if (!roleName.IsEmpty())
            {
                if (!Roles.RoleExists(roleName))
                {
                    Roles.CreateRole(roleName);
                }
            }
        } // if(buttonCreateRole)

        // Delete role
        if (!Request["buttonDeleteRole"].IsEmpty())
        {

            roleName = Request["textRoleName"];
            if (!roleName.IsEmpty())
            {
                if (Roles.GetUsersInRole(roleName).Length == 0)
                {
                    Roles.DeleteRole(roleName, true); // true means throw if any users are in this role
                }
            }
        } // if(buttonDeleteRole)

        // Add user to role
        if (!Request["buttonAddUserToRole"].IsEmpty())
        {
            userNames[0] = Request["selectUserName"];
            roleNames[0] = Request["selectRoleName"];
            if (!Roles.IsUserInRole(userNames[0], roleNames[0]))
            {
                Roles.AddUsersToRoles(userNames, roleNames);
            }
        } // if(buttonAddUserToRole)

        // Delete user from role
        if (!Request["buttonDeleteUserFromRole"].IsEmpty())
        {
            userNames[0] = Request["selectUserName"];
            roleNames[0] = Request["selectRoleName"];
            if (Roles.IsUserInRole(userNames[0], roleNames[0]))
            {
                Roles.RemoveUsersFromRoles(userNames, roleNames);
            }
        } // if(buttonDeleteUseFromRole)
    }
}
<h1>
    Manage Roles</h1>
<form method="post" action="">
<fieldset>
    <legend>Create or Delete Role</legend>
    <label for="textRoleName">
        Role name:</label>
    <input type="text" value="" name="textRoleName" />
    <br />
    <div>
        <input class="button thin gray" type="submit" value="Create Role" name="buttonCreateRole" />
        <input class="button thin red" type="submit" value="Delete Role" name="buttonDeleteRole" />
    </div>
</fieldset>
<fieldset>
    <legend>Assign or Delete Role</legend>
    <div>
        <div style="width: 170px; float: left;">
            <label>
                Users:</label>
            <select name="selectUserName">
                @foreach (var row in db.Query(selectQueryString))
                {
                    <option>@row.Email</option>
                }
            </select>
        </div>
        <div>
            <label>
                Roles:</label>
            <select name="selectRoleName">
                @foreach (var r in Roles.GetAllRoles())
                {
                    <option>@r</option>
                }
            </select>
        </div>
    </div>
    <br />
    <div>
        <input class="button thin gray" type="submit" value="Add User" name="buttonAddUserToRole" />
        <input class="button thin red" type="submit" value="Delete User" name="buttonDeleteUserFromRole" />
    </div>
</fieldset>
<fieldset>
    <legend>Roles</legend>
    <ul>
        @foreach (var r in Roles.GetAllRoles())
        {
            <li>
                <label>
                    @r
                </label>
            </li>
            <ul>
                @foreach (var u in Roles.GetUsersInRole(r))
                {
                    <li>@u</li>
                }
            </ul>
        }
    </ul>
</fieldset>
</form>